A Systems Analysis Of Insider Data Exfiltration

Download or read book A Systems Analysis of Insider Data Exfiltration written by Nana Essilfie-Conduah (S.M.) and published by . This book was released on 2019 with total page 110 pages. Available in PDF, EPUB and Kindle. Book excerpt: It has become common place to hear of data breaches. Typically, we hear of external hackers as the perpetrators, however, the reality is there is a high frequency of threats from insiders within an organization and that the cost and challenge in detecting these threats is considerable. The issue has affected companies in multiple private sectors (finance, retail) and the public sector is also at risk as apparent with the Edward Snowden and Chelsea Manning cases. This thesis explores the current space of insider threats in terms of frequency, cost and complexity in attack assessment. It also explores the multiple perspectives and stakeholders that make up the complex insider threat systems. Insights from multiple insider threat cases as well as subject matter experts in cyber security were used to model and pinpoint the high value metrics around access management and logging that will aid audit efforts. Following this an exploration of kill chains, blockchain technology and hierarchical organization exploration is made. Research findings highlight the wide reach of excessive privileges and the crucial role resource access and event logging of stakeholder actions plays in the success of insider threat prevention. In response to this finding a proposal is made for a combined solution that aims to provide an easy and accessible interface for searching and requesting access to resources that scales with an organization. This proposal suggests the capitalization of the transparent and immutable properties of blockchain to ledger the requesting and approval of file access through dynamic and multi user approval logic. The solution combines simplistic file-based resource access in an accessible manner with a multi layered security approach that adds further hurdles for bad actors but provides a visible and reliable look back on an immutable audit path.